{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T00:12:15Z","timestamp":1743120735046,"version":"3.40.3"},"publisher-location":"Cham","reference-count":50,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319269603"},{"type":"electronic","value":"9783319269610"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-26961-0_4","type":"book-chapter","created":{"date-parts":[[2015,12,16]],"date-time":"2015-12-16T13:07:52Z","timestamp":1450271272000},"page":"36-57","source":"Crossref","is-referenced-by-count":1,"title":["Reflections on the Self-service Cloud Computing Project"],"prefix":"10.1007","author":[{"given":"Vinod","family":"Ganapathy","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,12,31]]},"reference":[{"key":"4_CR1","doi-asserted-by":"crossref","unstructured":"Butt, S., Lagar-Cavilla, H.A., Srivastava, A., Ganapathy, V.: Self-service cloud computing. In: ACM CCS (2012)","DOI":"10.1145\/2382196.2382226"},{"key":"4_CR2","doi-asserted-by":"crossref","unstructured":"Butt, S., Ganapathy, V., Srivastava, A.: On the control plane of a self-service cloud platform. In: ACM SOCC (2014)","DOI":"10.1145\/2670979.2670989"},{"key":"4_CR3","unstructured":"Butt, S.: Self-service Cloud Computing. Ph.D. thesis, Rutgers University, January 2015"},{"key":"4_CR4","unstructured":"CVE-2007-4993: Xen guest root escapes to dom0 via pygrub"},{"key":"4_CR5","unstructured":"CVE-2007-5497: Integer overflows in libext2fs in e2fsprogs"},{"key":"4_CR6","unstructured":"CVE-2008-0923: Directory traversal vulnerability in the shared folders feature for VMWare"},{"key":"4_CR7","unstructured":"CVE-2008-1943: Buffer overflow in the backend of XenSource Xen paravirtualized frame buffer"},{"key":"4_CR8","unstructured":"CVE-2008-2100: VMWare buffer overflows in VIX API let local users execute arbitrary code in host OS"},{"key":"4_CR9","unstructured":"Kortchinsky, K.: Hacking 3D (and breaking out of VMWare). In: BlackHat USA (2009)"},{"key":"4_CR10","unstructured":"Gartner: Assesing the Security Risks of Cloud Computing. http:\/\/www.gartner.com\/DisplayDocument?id=685308"},{"key":"4_CR11","unstructured":"Chen, P.M., Noble, B.: When virtual is better than real. In: HotOS (2001)"},{"key":"4_CR12","unstructured":"Garfinkel, T., Rosenblum, M.: A virtual machine introspection based architecture for intrusion detection. In: NDSS (2003)"},{"key":"4_CR13","unstructured":"Clark, C., Fraser, K., Hand, S., Hansen, J.G., Jul, E., Limpach, C., Pratt, I., Warfield, A.: Live migration of virtual machines. In: USENIX NSDI (2005)"},{"key":"4_CR14","unstructured":"Litty, L., Lagar-Cavilla, H.A., Lie, D.: Computer meteorology: monitoring compute clouds. In: HotOS (2009)"},{"key":"4_CR15","unstructured":"Berger, S., Caceres, R., Goldman, K., Perez, R., Sailer, R., van Door, L.: vTPM: virtualizing the trusted platform module. In: USENIX Security (2006)"},{"key":"4_CR16","unstructured":"Kauer, B.: OSLO: improving the security of trusted computing. In: USENIX Security (2007)"},{"key":"4_CR17","unstructured":"Group, T.C.: TPM main spec., l2 v1.2 r116. http:\/\/www.trustedcomputinggroup.org\/resources\/tpm_main_specification"},{"key":"4_CR18","doi-asserted-by":"crossref","unstructured":"Keller, E., Szefer, J., Rexford, J., Lee, R.: Eliminating the hypervisor attack surface for a more secure cloud. In: ACM CCS (2011)","DOI":"10.1145\/2046707.2046754"},{"key":"4_CR19","doi-asserted-by":"crossref","unstructured":"Zhang, F., Chen, J., Chen, H., Zang, B.: CloudVisor: retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization. In: ACM SOSP (2011)","DOI":"10.1145\/2043556.2043576"},{"key":"4_CR20","unstructured":"Santos, N., Rodrigues, R., Gummadi, K., Saroiu, S.: Policy-sealed data: a new abstraction for building trusted cloud services. In: USENIX Security (2012)"},{"key":"4_CR21","doi-asserted-by":"crossref","unstructured":"Danev, B., Masti, R., Karame, G., Capkun, S.: Enabling secure VM-vTPM migration in private clouds. In: ACSAC (2011)","DOI":"10.1145\/2076732.2076759"},{"key":"4_CR22","unstructured":"Sailer, R., Zhang, X., Jaeger, T., van Doorn, L.: Design and implementation of a TCG-based integrity measurement architecture. In: USENIX Security (2004)"},{"key":"4_CR23","doi-asserted-by":"crossref","unstructured":"Colp, P., Nanavati, M., Zhu, J., Aiello, W., Coker, G., Deegan, T., Loscocco, P., Warfield, A.: Breaking up is hard to do: security and functionality in a commodity hypervisor. In: ACM SOSP (2011)","DOI":"10.1145\/2043556.2043575"},{"key":"4_CR24","unstructured":"LeVasseur, J., Uhlig, V., Stoess, J., Gotz, S.: Unmodified device driver reuse and improved system dependability via virtual machines. In: ACM\/USENIX OSDI (2004)"},{"key":"4_CR25","unstructured":"Sailer, R., Jaeger, T., Valdez, E., Caceres, R., Perez, R., Berger, S., Griffin, J., van Doorn, L.: Building a MAC-based security architecture for the xen hypervisor. In: ACSAC (2005)"},{"key":"4_CR26","doi-asserted-by":"crossref","unstructured":"Payne, B., Carbone, M., Lee, W.: Secure and flexible monitoring of virtual machines. In: ACSAC (2007)","DOI":"10.1109\/ACSAC.2007.4413005"},{"key":"4_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1007\/978-3-540-87403-4_3","volume-title":"Recent Advances in Intrusion Detection","author":"A Srivastava","year":"2008","unstructured":"Srivastava, A., Giffin, J.T.: Tamper-resistant, application-aware blocking of malicious network connections. In: Lippmann, R., Kirda, E., Trachtenberg, A. (eds.) RAID 2008. LNCS, vol. 5230, pp. 39\u201358. Springer, Heidelberg (2008)"},{"issue":"5","key":"4_CR28","first-page":"670","volume":"8","author":"A Baliga","year":"2011","unstructured":"Baliga, A., Ganapathy, V., Iftode, L.: Detecting kernel-level rootkits using data structure invariants. IEEE TDSC 8(5), 670\u2013684 (2011)","journal-title":"IEEE TDSC"},{"key":"4_CR29","doi-asserted-by":"crossref","unstructured":"Payne, B., Carbone, M., Sharif, M., Lee, W.: Lares: an architecture for secure active monitoring using virtualization. In: IEEE Symposium on Security & Privacy (2008)","DOI":"10.1109\/SP.2008.24"},{"key":"4_CR30","unstructured":"Litty, L., Lagar-Cavilla, H.A., Lie, D.: Hypervisor support for identifying covertly executing binaries. In: USENIX Security (2008)"},{"key":"4_CR31","unstructured":"Giffin, J.T.: Model Based Intrusion Detection System Design and Evaluation. Ph.D. thesis, University of Wisconsin-Madison (2006)"},{"key":"4_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-33338-5_1","volume-title":"Research in Attacks, Intrusions, and Defenses","author":"A Srivastava","year":"2012","unstructured":"Srivastava, A., Raj, H., Giffin, J., England, P.: Trusted VM snapshots in untrusted cloud infrastructures. In: Balzarotti, D., Stolfo, S.J., Cova, M. (eds.) RAID 2012. LNCS, vol. 7462, pp. 1\u201321. Springer, Heidelberg (2012)"},{"key":"4_CR33","doi-asserted-by":"crossref","unstructured":"Waldspurger, C.A.: Memory resource management in VMWare ESX server. In: USENIX\/ACM OSDI (2002)","DOI":"10.1145\/1060289.1060307"},{"key":"4_CR34","unstructured":"Intel: (September 2013) Intel document 329298\u2013001US"},{"key":"4_CR35","doi-asserted-by":"crossref","unstructured":"Hoekstra, M., Lal, R., Pappachan, P., Rozas, C., Phegade, V.: Using innovative instructions to create trustworthy software solutions. In: HASP (2013)","DOI":"10.1145\/2487726.2488370"},{"key":"4_CR36","doi-asserted-by":"crossref","unstructured":"Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: ACM Conference on Computer and Communications Security (CCS) (2009)","DOI":"10.1145\/1653662.1653687"},{"key":"4_CR37","doi-asserted-by":"crossref","unstructured":"Popa, R., Redfield, C., Zeldovich, N., Balakrishnan, H.: Cryptdb: protecting confidentiality with encrypted query processing. In: ACM SOSP (2011)","DOI":"10.1145\/2043556.2043566"},{"key":"4_CR38","doi-asserted-by":"crossref","unstructured":"Baumann, A., Peinado, M., Hunt, G.: Shielding applications from an untrusted cloud with Haven. In: OSDI (2014)","DOI":"10.1145\/2799647"},{"key":"4_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"415","DOI":"10.1007\/978-3-642-35170-9_21","volume-title":"Middleware 2012","author":"N Santos","year":"2012","unstructured":"Santos, N., Rodrigues, R., Ford, B.: Enhancing the OS against security threats in system administration. In: Narasimhan, P., Triantafillou, P. (eds.) Middleware 2012. LNCS, vol. 7662, pp. 415\u2013435. Springer, Heidelberg (2012)"},{"key":"4_CR40","doi-asserted-by":"crossref","unstructured":"Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., Neugebauer, R., Pratt, I., Warfield, A.: Xen and the art of virtualization. In: ACM SOSP (2003)","DOI":"10.1145\/945445.945462"},{"key":"4_CR41","unstructured":"Microsoft: Hyper-V Architecture. http:\/\/msdn.microsoft.com\/en-us\/library\/cc768520(BTS.10).aspx"},{"key":"4_CR42","unstructured":"Hand, S., Warfield, A., Fraser, K., Kotsovinos, E., Magenheimer, D.: Are VMMs microkernels done right? In: HotOS (2005)"},{"key":"4_CR43","doi-asserted-by":"crossref","unstructured":"Seshadri, A., Luk, M., Qu, N., Perrig, A.: SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes. In: ACM SOSP (2007)","DOI":"10.1145\/1294261.1294294"},{"key":"4_CR44","doi-asserted-by":"crossref","unstructured":"McCune, J.M., Li, Y., Qu, N., Zhou, Z., Datta, A., Gligor, V., Perrig, A.: TrustVisor: efficient TCB reduction and attestation. In: IEEE Symposium on Security & Privacy (2010)","DOI":"10.1109\/SP.2010.17"},{"key":"4_CR45","doi-asserted-by":"crossref","unstructured":"Steinberg, U., Kauer, B.: NOVA: a microhypervisor-based secure virtualization architecture. In: ACM Eurosys (2010)","DOI":"10.1145\/1755913.1755935"},{"key":"4_CR46","doi-asserted-by":"crossref","unstructured":"Klein, G., Elphinstone, K., Heiser, G., Andronick, J., Cock, D., Derrin, P., Elkaduwe, D., Engelhardt, K., Kolanski, R., Norrish, M., Sewell, T., Tuch, H., Winwood, S.: seL4: Formal verification of an OS kernel. In: ACM SOSP (2009)","DOI":"10.1145\/1629575.1629596"},{"key":"4_CR47","doi-asserted-by":"crossref","unstructured":"Wang, Z., Jang, X.: Hypersafe: a lightweight approach to provide lifetime hypervisor control-flow integrity. In: IEEE Symposium on Security & Privacy (2010)","DOI":"10.1109\/SP.2010.30"},{"key":"4_CR48","doi-asserted-by":"crossref","unstructured":"Murray, D., Milos, G., Hand, S.: Improving xen security through disaggregation. In: ACM VEE (2008)","DOI":"10.1145\/1346256.1346278"},{"key":"4_CR49","unstructured":"Williams, D., Elnikety, E., Eldehiry, M., Jamjoom, H., Huang, H., Weatherspoon, H.: Unshackle the cloud! In: HotCloud (2011)"},{"key":"4_CR50","doi-asserted-by":"crossref","unstructured":"Williams, D., Jamjoom, H., Weatherspoon, H.: The xen-blanket: virtualize once, run everywhere. In: ACM EuroSys (2012)","DOI":"10.1145\/2168836.2168849"}],"container-title":["Lecture Notes in Computer Science","Information Systems Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-26961-0_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,5,29]],"date-time":"2022-05-29T12:44:43Z","timestamp":1653828283000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-26961-0_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319269603","9783319269610"],"references-count":50,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-26961-0_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2015]]}}}